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AMENDMENTS TO THE CLAIMS 

This listing of claims replaces all prior versions and listings of claims in the application: 
Listing of Claims 

1. (Canceled) 

2. (Currently Amended) The method of c l a i m 1 claim 40 , wherein said 
mobility anchoring agent is a home agent in a home network of said mobile router. 

3. (Currently Amended) The method of c l a i m 1 claim 40 , wherein said 
mobility anchoring agent is a local forwarding agent in a visited network. 

4. (Currently Amended) The method of cl ai m 1 claim 40 , wherein said 
mobility anchoring agent runs a NEMO-based (Network Mobility) mobility support 
protocol with said mobile router. 

5. (Previously Presented) The method of claim 4, wherein said mobile 
router is interconnected with said mobility anchoring agent through a NEMO bi- 
directional tunnel, and the mobility anchoring agent filters downlink packets before said 
NEMO bi-directional tunnel, and the mobile router filters uplink packets before said 
NEMO bi-directional tunnel. 

6. (Currently Amended) The method of cla i m 1 claim 40 , wherein said 
step of filtering downlink packets, at the mobility anchoring agent includes checking 
headers of downlink IP packets that traverse an access control point in said mobility 
anchoring agent, and said step of filtering uplink packets at said mobile router includes 
checking headers of uplink IP packets that traverse an access control point in said 
mobile router. 
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7-10. (Canceled) 

1 1 . (Currently Amended) The method of cla i m 7 claim 40 , wherein said 
access control source is implemented in an Authentication, Authorization and 
Accounting (AAA) client, and provisioning information related to a node in said movable 
network is transferred from an AAA server associated with the home network of said 
node to said AAA client and the access control source. 

12-18. (Canceled) 

19. (Currently Amended) The arrangement of c l aim 16 claim 45 , wherein 
said mobile router and said mobility anchoring agent are configured to run a NEMO- 
based (Network Mobility) mobility support protocol. 

20. (Currently Amended) The arrangement of c l aim 19 claim 45 , wherein 
said mobile router is interconnected with said mobility anchoring agent through a NEMO 
bi-directional tunnel, and said filtering means at said mobility anchoring agent filters the 
downlink packets before said NEMO bi-directional tunnel, and said filtering means at 
said mobile router filters the uplink packets before said NEMO bi-directional tunnel. 

21-31. (Canceled) 

32. (Currently Amended) The mobility anchoring agent of cla i m 31 claim 
47, wherein said mobility anchoring agent is configured to run a NEMO-based (Network 
Mobility) mobility support protocol with said mobile router. 

33. (Previously Presented) The mobility anchoring agent of claim 32, 
wherein the means for interconnecting with said mobile router includes a NEMO bi- 
directional tunnel, and said means for monitoring and filtering filters the downlink 
packets before said NEMO bi-directional tunnel. 
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34. (Currently Amended) The mobility anchoring agent of c l a i m 31 claim 
47, wherein said means for monitoring and filtering checks headers of packets that 
traverse an access control point in said mobility anchoring agent. 

35-38. (Canceled) 

39. (New) A method of access control for a movable network managed by 
a mobile router, wherein said mobile router is interconnected through a bi-directional 
radio link with a mobility anchoring agent that anchors the network mobility for the 
mobile router, said method comprising the steps of: 

receiving at the mobile router, access control filter information originating from an 
access control source, wherein the access control filter information is received at least 
in part over the bi-directional radio link via the mobility anchoring agent; 

configuring a first access control module at the mobile router with the access 
control filter information; 

filtering uplink packets by the first access control module according to the access 
control filter information to eliminate unauthorized uplink packets; and 

transmitting the filtered uplink packets from the mobile router to the mobility 
anchoring agent over the bi-directional radio link. 

40. (New) The method of claim 39, further comprising the steps of: 
receiving at the mobility anchoring agent, the access control filter information 

originating from the access control source; 

configuring a second access control module at the mobility anchoring agent with 
the access control filter information; 

filtering downlink packets by the second access control module according to the 
access control filter information to eliminate unauthorized downlink packets; and 

transmitting the filtered downlink packets from the mobility anchoring agent to the 
mobile router over the bi-directional radio link. 
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. 41 . (New) The method of claim 40, wherein the access control source 
sends the access control filter information through a flat provisioning architecture in 
which the same access control filter information is sent to the mobility anchoring agent 
for filtering downlink packets and to the mobile router for filtering uplink packets. 

42. (New) The method of claim 40, wherein the access control source 
sends the access control filter information through a hierarchical provisioning 
architecture in which the mobility anchoring agent receives the access control filter 
information and configures the second access control module with a first portion of the 
access control filter information related to downlink packets, and subsequently forwards 
to the mobile router, a second portion of the access control filter information related to 
uplink packets. 

43. (New) The method of claim 40, wherein the access control filter 
information includes packet-filtering rules for controlling access to particular services, 
and the filtering steps are performed after nodes in the movable network are 
authenticated and authorized access to the network. 12/21-24 

44. (New) An arrangement for access control for a movable network, the 
arrangement comprising: 

a mobile router for managing the movable network; and 
a mobility anchoring agent interconnected to the mobile router through a bi- 
directional radio link, the mobility anchoring agent anchoring the network mobility for the 
mobile router; 

wherein the mobile router includes: 

means for receiving access control filter information originating from an 
access control source, wherein the access control filter information is received at least 
in part over the bi-directional radio link via the mobility anchoring agent; 

a first access control module for filtering uplink packets according to the 
access control filter information to eliminate unauthorized uplink packets; and 
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means for transmitting the filtered uplink packets from the mobile router to 
the mobility anchoring agent over the bi-directional radio link. 

45. (New) The arrangement of claim 44, wherein the mobility anchoring 
agent includes: 

means for receiving the access control filter information from the access control 
source; 

a second access control module for filtering downlink packets according to the 
access control filter information to eliminate unauthorized downlink packets; and 

means for transmitting the filtered downlink packets from the mobility anchoring 
agent to the mobile router over the bi-directional radio link. 

46. (New) The arrangement of claim 45, wherein the mobility anchoring 
agent and the access control source are located in the same network. 

47. (New) A mobility anchoring agent for anchoring network mobility for a 
mobile router that manages a movable network, the mobility anchoring agent 
comprising: ♦ 

means for interconnecting with the mobile router through a bi-directional radio 

link; 

means for receiving access control filter information from an access control 
source; 

an access control module for filtering downlink packets according to the access 
control filter information to eliminate unauthorized downlink packets; and 

means for transmitting the filtered downlink packets from the mobility anchoring 
agent to the mobile router over the bi-directional radio link. 

48. (New) The mobility anchoring agent of claim 47, wherein the means for 
receiving access control filter information receives the information through a hierarchical 
provisioning architecture, and the mobility anchoring agent further comprises: 
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means for configuring the access control module with a first portion of the access 
control filter information related to downlink packets; and 

means for subsequently forwarding to the mobile router, a second portion of the 
access control filter information related to uplink packets. 
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